package com.dave.admin.config.auth.component;

import lombok.AllArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.logout.LogoutHandler;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * 自定义退出逻辑
 * @author Dave
 */
@Slf4j
@Component
@AllArgsConstructor
public class BossLogoutHandler implements LogoutHandler {

    @Override
    public void logout(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) {
        // 没认证就返回
        if (authentication == null) {
            return;
        }

        // 认证--就获取当前用户信息 删除jwt 中保存的信息
        UserDetails user = (UserDetails) authentication.getPrincipal();
        if (user != null && user.getUsername() != null) {
            // 版本号来区别这个jwt 是否存在 或者改盐值
        }
    }

}
